|
Message-ID: <4255c2570803110853i9a36455j72e2137c826d19f5@mail.gmail.com> Date: Tue, 11 Mar 2008 09:53:46 -0600 From: RB <aoz.syn@...il.com> To: john-users@...ts.openwall.com Subject: Re: How to determine # users with a shadow file > I tried that initially but I have to count DES hashes as well, DES hashes do > not contain the $ symbol but are 13 characters long, so that's how I came up > with the 13 or 34 awk script. I assume the 34 would catch all MD5 hashes? Sorry, forgot about the old DES hashes. Looks like 34 would catch Linux MD5 hashes, but not Sun MD5, which are 37 characters, nor OpenBSD Blowfish, which are 61 (SuSE or anything using pam_unix2 or Openwall's TCB). Since DES is mostly the exception here (no regular leading signature), you may just want to deal with it separately, i.e.: awk -F: '((length($2)==13)||($2 ~ /^\$/)){print $0}' foo.txt That would probably cover most signature possibilities you would encounter in your given environment, allowing for some future alteration. It's still moderately brittle, but nothing short of validating each string as a hash individually will be perfect (reading DES_fmt.c shows the DES hash can also be 24 characters long). IMO, it's all about minimizing effort while maximizing throughput: if you're sure you won't encounter any odd hashes or that it won't be the end of the world if you do, stick with the length tests. RB -- To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply to the automated confirmation request that will be sent to you.
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.